[Tickets #14193] allow and deny directives in .htaccess broken

noreply at bugs.horde.org noreply at bugs.horde.org
Mon Dec 14 15:02:40 UTC 2015


BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE  
E-MAIL-ADRESSE WERDEN NICHT GELESEN.

Ticket-URL: https://bugs.horde.org/ticket/14193
------------------------------------------------------------------------------
  Ticket           | 14193
  Erstellt Von     | heinz at htl-steyr.ac.at
  Zusammenfassung  | allow and deny directives in .htaccess broken
  Warteschlange    | Horde Base
  Version          | Git master
  Typ              | Enhancement
  Status           | New
  Priorität        | 2. Medium
  Milestone        |
  Patch            |
  Zuständige       |
------------------------------------------------------------------------------


heinz at htl-steyr.ac.at (2015-12-14 15:02) hat geschrieben:

The directives Allow from, Deny from, Order ... provided by the apache  
module mod_access_compat have been deprecated.

In newer apache installations the mod_authz_* modules are used instead  
by default and the provided .htaccess files of horde leads in an error  
500 (eg. invalid command "allow")

So all .htaccess files of horde and horde-applications should look like this:

In case of "Allow from all":
<IfModule !mod_access_compat.c>
   Require all granted
</IfModule>
<IfModule mod_access_compat.c>
   Allow from all
</IfModule>

In case of "Deny from all":
<IfModule !mod_access_compat.c>
   Require all denied
</IfModule>
<IfModule mod_access_compat.c>
   Deny from all
</IfModule>








More information about the bugs mailing list